Kemp Support, how can we help?

The latest application delivery knowledge and expertise at your fingertips.

Response Code Modification for WAF rules





When ModSecurity Web Application Firewall (WAF) rules use a response status code such as 401, 405, 500 etc, the LoadMaster will return a default "Unknown error" message to the client. The article will outline a workaround to change the response to the desired outcome.


Product: LoadMaster

Version: and above

Platform: Any

Application: Any

Question/Problem Description:

How to modify the default "Unknown error" returned by WAF for certain response error codes?

Steps to Reproduce:  
Error Message:  
Defect Number:  
Enhancement Number:  
Cause: Certain response error codes default to a single generic "Unknown error" response.

This workaround requires WAF to be enabled on a Sub Virtual service (SubVS) or a Nested Virtual Service (Nested VS).

On the top-level Virtual Service/Parent Virtual Service, there is a feature under advanced properties called Response Code Modification. A response mapping for the error code set in the WAF rule can be changed or mapped to the same error code on the list. For example a 405 status code set in a WAF rule, which will return a default "Unknown error" response instead of "Method Not Allowed"), can be mapped to "405 Method Not Allowed" under the Response Code Modification configuration. This will correctly change the "405 Unknown error" to "405 Method Not Allowed", and also change the response to JSON format (or XML if selected). This modified response is then returned to the client. Response Code Modification is only available on the Parent VS but not on a SubVS.


More information on Web Application Firewall (WAF):

Was this article helpful?
1 out of 1 found this helpful